vulnerability Archives – Page 3 of 7

GitLab Zero-Click Account Hijack Vulnerability Revealed

GitHub developers release a fix to the critical account hijack vulnerability

On January 11, 2024, GitLab released an update with the official warning regarding the critical security violation fix. The vulnerability allows the user to send the account password reset form to an unverified email address, effectively granting a stranger access to the repository. Almost all 16.x versions of their software package is susceptible to the… Continue reading GitLab Zero-Click Account Hijack Vulnerability Revealed

Windows SmartScreen Vulnerability Exploited to Spread Phemedrone Stealer

A once-patched vulnerability in Microsoft Windows Defender SmartScreen has resurfaced again

The malicious campaign exploits the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen to spread Phemedrone Stealer. It utilizes intricate evasion techniques to bypass traditional security measures and target sensitive user information. Phemedrone Stealer Campaign Exploits CVE-2023-36025 Trend Micro researchers uncovered a malware campaign exploiting the CVE-2023-36025 vulnerability in Microsoft Windows Defender SmartScreen. This campaign involves… Continue reading Windows SmartScreen Vulnerability Exploited to Spread Phemedrone Stealer

Cisco Unity Connection Vulnerability Enables Root Access

Cisco patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices.

Cisco has recently addressed a significant security vulnerabilit in its Unity Connection softwarey, identified as CVE-2024-20272. This flaw poses a critical risk as it allows unauthenticated attackers to gain root privileges on affected systems. The update is already available and is recommended for installation as soon as possible. Vulnerability in Cisco Unity Connection Allows for… Continue reading Cisco Unity Connection Vulnerability Enables Root Access

Apache OFBiz Vulnerability Exposes Millions of Systems

SonicWall detects zero-day AuthBIZ flaw in Apache OFBiz

The cyber world has been rattled by the recent discovery of a critical zero-day vulnerability in Apache OFBiz, known as CVE-2023-51467. Researchers at SonicWall unveiled this flaw, which poses a significant threat by enabling attackers to bypass authentication and carry out a Server-Side Request Forgery (SSRF). The vulnerability is severe, with a CVSS score of… Continue reading Apache OFBiz Vulnerability Exposes Millions of Systems

Two Adobe ColdFusion Vulnerabilities Exploited in The Wild

CISA reports about two vulnerabilities in ColdFusion that are actively exploited in cyberattacks

Two vulnerabilities in Adobe ColdFusion are exploited in real-world attacks, the Cybersecurity & Infrastructure Security Agency (CISA) warns. Both issues are related to the possibility of arbitrary code execution, caused by poor validation of deserialized data. Adobe released patches for both of these vulnerabilities back in mid-July 2023, when they were originally detected. ColdFusion ACE… Continue reading Two Adobe ColdFusion Vulnerabilities Exploited in The Wild

SMTP Smuggling is a New Threat to Email Security

A new exploitation technique known as SMTP smuggling has emerged, which can be maliciously utilized as a weapon.

A new SMTP Smuggling technique reportedly has the potential to bypass existing security protocols. Also it can enable attackers to send spoofed emails from seemingly legitimate addresses. This may breathe new life into email spam, despite its efficiency not decreasing throughout the last time. What is SMTP Smuggling? SMTP smuggling is a novice exploitation technique… Continue reading SMTP Smuggling is a New Threat to Email Security

Qualcomm RCE Vulnerabilities Expose Millions of Users

Chain of vulnerabilities discovered in Qualcomm chips

Vulnerability in several Qualcomm chipsets allows for remote code execution during the phone call. This and other vulnerabilities were uncovered in the latest security bulletin released by the chipmaker. The optimistic part here is that the company uncovered the flaws half a year ago, and arranged the fixes with the OEMs. RCE Vulnerability In Qualcomm… Continue reading Qualcomm RCE Vulnerabilities Expose Millions of Users

DLL Search Order Hijacking Technique Bypasses Protection

Another way to use legitimate Windows components for illegal purposes is found.

A new DLL (Dynamic Link Library) Search Order Hijacking variant emerged. This method capitalizes on executables in the trusted WinSxS folder of Windows 10 and 11, allowing threat actors to execute malicious code without needing high privileges. How Does DLL Search Order Hijacking Work? Researchers detect a novel DLL search order hijacking variant. It leverages… Continue reading DLL Search Order Hijacking Technique Bypasses Protection

Microsoft Disables MSIX App Installer Protocol

Attackers have found a way to exploit a previously patched vulnerability.

Microsoft reportedly disabled MSIX installer protocol in Windows, due to its exploitation in real-world cyberattacks. Hackers found a way to misuse the protocol to install malicious software, bypassing anti-malware software detection. MSIX Installer Protocol Exploited The emergence of a malware kit market, exploiting the MSIX file format and ms-app installer protocol is nothing new. However,… Continue reading Microsoft Disables MSIX App Installer Protocol

UAC-0099 Targets Ukrainian Companies With Lonepage Malware

UAC-0099 has been using a critical vulnerability in WinRAR software to spread Lonepage malware.

Ukrainian cyberwarfare sees further action as the UAC-0099 threat actor escalates its cyber espionage campaign against Ukrainian firms. Leveraging a severe vulnerability in the popular WinRAR software, the group orchestrates sophisticated attacks to deploy the Lonepage malware, a VBS malware capable of remote command execution and data theft. UAC-0099 Exploits WinRar Vulnerability In most recent… Continue reading UAC-0099 Targets Ukrainian Companies With Lonepage Malware